Tag: zero-day
-
The Register: Citrix bleeds again: This time a zero-day exploited – patch now
Source URL: https://www.theregister.com/2025/06/25/citrix_netscaler_critical_bug_exploited/ Source: The Register Title: Citrix bleeds again: This time a zero-day exploited – patch now Feedly Summary: Two emergency patches issued in two weeks Hot on the heels of patching a critical bug in Citrix-owned Netscaler ADC and NetScaler Gateway that one security researcher dubbed “CitrixBleed 2," the embattled networking device vendor…
-
Cisco Talos Blog: catdoc zero-day, NVIDIA, High-Logic FontCreator and Parallel vulnerabilities
Source URL: https://blog.talosintelligence.com/catdoc-zero-day-nvidia-high-logic-fontcreator-and-parallel-vulnerabilities/ Source: Cisco Talos Blog Title: catdoc zero-day, NVIDIA, High-Logic FontCreator and Parallel vulnerabilities Feedly Summary: Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three zero-day vulnerabilities in catdoc, as well as vulnerabilities in Parallel, NVIDIA and High-Logic FontCreator 15. AI Summary and Description: Yes Summary: The disclosed vulnerabilities highlight significant security…
-
Cisco Talos Blog: Everyone’s on the cyber target list
Source URL: https://blog.talosintelligence.com/everyones-on-the-cyber-target-list/ Source: Cisco Talos Blog Title: Everyone’s on the cyber target list Feedly Summary: In this week’s newsletter, Martin emphasizes that awareness, basic cyber hygiene and preparation are essential for everyone, and highlights Talos’ discovery of the new PathWiper malware. AI Summary and Description: Yes **Summary:** The text summarizes insights on personal cybersecurity…
-
Cloud Blog: Mandiant M-Trends 2025: 3 key insights for public sector agencies
Source URL: https://cloud.google.com/blog/topics/public-sector/mandiant-m-trends-2025-3-key-insights-for-public-sector-agencies/ Source: Cloud Blog Title: Mandiant M-Trends 2025: 3 key insights for public sector agencies Feedly Summary: The cyber defense and threat landscape demands continuous adaptation, as threat actors continue to refine their tactics to breach defenses. While some adversaries are using increasingly sophisticated approaches with custom malware, zero-day exploits, and advanced evasion…
-
Cisco Talos Blog: UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware
Source URL: https://blog.talosintelligence.com/uat-6382-exploits-cityworks-vulnerability/ Source: Cisco Talos Blog Title: UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware Feedly Summary: Talos has observed exploitation of CVE-2025-0994 in the wild by UAT-6382, a Chinese-speaking threat actor, who then deployed malware payloads via TetraLoader. AI Summary and Description: Yes **Summary:** The text describes the exploitation of a significant remote-code-execution…
-
The Register: Ivanti patches two zero-days under active attack as intel agency warns customers
Source URL: https://www.theregister.com/2025/05/14/ivanti_patches_two_zerodays_and/ Source: The Register Title: Ivanti patches two zero-days under active attack as intel agency warns customers Feedly Summary: Vendor says vulns are linked with 2 mystery open source libraries integrated into EPMM product Australia’s intelligence agency is warning organizations about several new Ivanti zero-days chained for remote code execution (RCE) attacks. The…
-
Microsoft Security Blog: Marbled Dust leverages zero-day in Output Messenger for regional espionage
Source URL: https://www.microsoft.com/en-us/security/blog/2025/05/12/marbled-dust-leverages-zero-day-in-output-messenger-for-regional-espionage/ Source: Microsoft Security Blog Title: Marbled Dust leverages zero-day in Output Messenger for regional espionage Feedly Summary: Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output…